[Xenon]

@Xenon:By reading your text most of it was clear to me till now

That is probably because i am drunk in a hotel posting on a smartphone while the rest of my family is sleeping

So my question is:
Is the patrolling of the IC not the regular Matrix Perception test were you cant defend, but some kind of test were you can try to blend in?

If you are running silent then the IC does an opposed Matrix Perception test vs Logic + Sleaze every 5-11 combat turns or so (there is a table with random durations for different host ratings).

I suggested that you might go in without running silent if you only plan to stay for a few combat turns anyway (for the two extra dice). If you don't change your icon then you obviously will not belong and Patrol IC  (and the Spider) will probably scan you much sooner than 5-11 combat turns - but if you change your icon then Patrol IC will probably not scan you until the 5-11 combat turns passed (but that if you don't run silent once you are scanned then patrol IC only need one hit on a simple test to spot that you don't belong rather than a net hit on an opposed test). NOTE: This is not RAW! DataTrail suggest that you always run silent when invading a host.

I wondered how you want to get for instance to the hidden file of all the Camera feed which you want to loop or s.th. while you are playing a stealth mission?

I would crack the protected live video file icon on each individual camera and change the live feed at the source with a continuous edit in real time as the team walk pass.

The only way to change a protected file once it is already been sent to safe storage inside a host is to crack the protection of the file icon inside the host (but this always alert the host in the process - there is no sleaze action to crack a protected file). This would probably be a last resort if your team get caught by a camera you failed to hack in time or when your team magician failed to sustain improved invisibility as your team passed the camera.

With data trail you also have the option to edit or delete a file in such way that it will leave no trace at all - by entering the archive node within the foundation. But this is also nothing you do in real time while the team actually walk pass the camera....

Another option you have in Data Trail is to use the Garbage In - Garbage Out matrix action on the camera....



(Personally i think it would be cool if you could crack a file with a sleaze action, but you can't).


If the camera file icon in the host is not protected then you can mark and change it within the host without alerting the host. Just don't stay to long as the Patrol IC might scan you any second....

[korusef]

As of Data Trail IC do start alert if it spot you. It will identify you as an intruder even if you change your icon.

As detailed on p. 248 of Shadowrun, Fifth Edition, Patrol IC is typically always running in a host, constantly scanning for suspicious activity.
...
Use the following chart to determine how frequently Patrol IC makes a targeted Matrix Perception Test against the hacker:

My reading is that this gives the Patrol IC no special power. It is a simple rule of thumb clarification for GMs how often the Patrol ICs in different hosts will do the Matrix Perception test for illegal behavior on the hacker's icon.
So if the Patrol IC would not rise the alert by the core it should not rise the alert by the DT.

a) How does he locate the file ?

With matrix search and a base time of 1 minute.

Will you find the file through the search even if it is protected and within another protected file icon?

[Xenon]

(got access to my books now )

As detailed on p. 248 of Shadowrun, Fifth Edition, Patrol IC is typically always running in a host, constantly scanning for suspicious activity.
...
Use the following chart to determine how frequently Patrol IC makes a targeted Matrix Perception Test against the hacker:

My reading is that this gives the Patrol IC no special power. It is a simple rule of thumb clarification for GMs how often the Patrol ICs in different hosts will do the Matrix Perception test for illegal behavior on the hacker's icon.
So if the Patrol IC would not rise the alert by the core it should not rise the alert by the DT.

Yes.
Re-reading the chapter and the example I tend to agree with this.

So, what does "scanning for suspicious activity" mean?

SR5 p. 235 Matrix Perception
When you take a Matrix Perception action, each hit can reveal one piece of information you ask of your gamemaster. Here’s a list of some of the things Matrix Perception can tell you. It’s not an exhaustive list, but it should give you a pretty good idea about how to use Matrix Perception:
...
• The last Matrix action an icon performed, and when.
...


"Suspicious activity" might be "Last Matrix Action";
That if the "Last Matrix Action" is a Sleaze or Attack Action then Patrol IC will not like what it sees and will sound an alarm...?

It is clear that running silent make it harder for the host to Spot you. However, once you show up on the hosts spotting list it seem as if it only need one hit on a simple matrix perception test to check your last matrix action...

Are intruders maybe supposed to use the Hide matrix action at regular intervals (assuming that the intruder can't really tell if the host actually spotted him or not) to continue to stay off the hosts spotting list in order to benefit from running silent...?

If you are just trying to search for a the correct SR5 File Icon (using the data processing matrix action "Matrix Search") then maybe you might as well do it while not running silent?

Thoughts?

What about not running silent and follow up all your illegal sleaze and attack actions with a legal data processing action (like matrix perception). Once the host get around to scan you odds are that it will show your last matrix action as Matrix Perception (or Change Icon, Edit File or Matrix Search etc). Not really suspicious activity...?

Actually... just being Spotted as Running Silent in a host that are not supposed to have any silent running icons might in itself be considered suspicious activity...?

I need to think about this.

Will you find the file through the search even if it is protected and within another protected file icon?

According to the table on p. 24; Information can be:
1) General Knowledge or Public
2) Limited Interest or Not Publicized
3) Hidden or Actively Hunted and Erased
4) Protected or Secret

Once you are in the host where the information is stored (but actually finding the correct host will be tricky if the information is Protected or Secret) then you can find it with Matrix Search with a base time of 20 combat turns that you can reduce with extra hits... regardless of the kind of information you are searching for.

SR5 p. 241-242 Matrix Search
You can then make a Matrix Search within the host, using a base time of 1 minute (regardless of the kind of information you’re looking for).


But the information also need to be at least occasionally accessed by a legitimate user (or else you need to go deep into the foundation and bring it out of archive).

SR5 p. 242 Matrix Search
This only works if the information is at least occasionally accessed by the legitimate users of the host. If the information is archived, you’ll need to dig deeper into the host for that information, a dangerous process that is detailed in the forthcoming Matrix sourcebook.



To my knowledge you cannot "Enter File Icon" (like a "Node" or a "mini host") to get access to other SR5 File Icons within the first....?

[Darzil]

Personally, especially if being used as the goal for a run, I'd allow variation in hosts for what Patrol IC is looking for, and allow legwork or Johnson to fill them in about it. It allows for more variation than having everything nailed down the same everywhere. So some hosts would just check it last use was Attack/Sleaze, others would check against a whitelist of allowed devices, some would make decisions themselves, some would flag oddities to a spider, etc.

[korusef]

What about not running silent and follow up all your illegal sleaze and attack actions with a legal data processing action (like matrix perception). Once the host get around to scan you odds are that it will show your last matrix action as Matrix Perception (or Change Icon, Edit File or Matrix Search etc). Not really suspicious activity...?

This is how we are playing it.

Actually... just being Spotted as Running Silent in a host that are not supposed to have any silent running icons might in itself be considered suspicious activity...?

I need to think about this.

Or host could have somewhere white-list of personas that are allowed inside, separated from marks ...

Or it is about how you interact with agents in the host:

The code inputs had all been correct, but whoever had uploaded them had neglected to include an apologetic greeting, a brief, electronic "may I trouble you for" that was customary with all artificially intelligent Nihojin systems ...

To my knowledge you cannot "Enter File Icon" (like a "Node" or a "mini host") to get access to other SR5 File Icons within the first....?

These files are visible to people who can see your commlink in the Matrix, so most people keep all of their files in a protected folder.

If folder is just a file icon, you have to read it to see what files are inside. It also can be protected and you have to break the protection to be able to read it. (Or it might just be another part of misleading fluff that has no impact on the rules ...)

[Xenon]

A SR5 File Icon is pretty much the same thing as a 2015 Folder.
You can store multiple text/video/audio-files within a single SR5 File Icon.
The entire SR5 File Icon can be Protected or not Protected.

If the SR5 File Icon is Protected then nobody can read the content of the text/video/audio-files within the SR5 File Icon.

If the SR5 File Icon is not protected then everyone can read/view/listen to the content of the SR5 File Icon.

To alter, copy or delete text/audio/video of any files within a SR5 File Icon you need to remove the Protection on the SR5 File Icon if it was protected and you need a mark on the SR5 File Icon.